International Journal of Scientific & Technology Research

IJSTR@Facebook IJSTR@Twitter IJSTR@Linkedin
Home About Us Scope Editorial Board Blog/Latest News Contact Us

IJSTR >> Volume 8 - Issue 3, March 2019 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616

Information System Security: Human Aspects

[Full Text]



Zaied Shouran, Tri kuntoro Priyambodo, Ahmad Ashari



security awareness, human aspects, information security.



Numerous organizations recognize that their workers, who are usually thought of the weakest link in information security, also can be great assets in the effort to reduce risk associated with data security. Information security has not been given enough consideration among the writing as far as the human issue impact; researchers have involved a lot of examination throughout this area. Human factors assume a noteworthy in computer security. all through this paper, we target the relationship of the human factor in information security showing the human weaknesses which can cause unintentional harm to the organization and discuss, be that as it may, information security awareness may be a major tool in overcoming these weaknesses.



[1]. A. McCormac, K. Parsons, M. Butavicius, and L. Ferguson, “Human Factors and Information Security: Individual, Culture, and Security Environment,” Sci. Technol., no. DSTO-TR-2484, p. 45, 2010.

[2]. R. Samans and M. Hanouz, The Global Information Technology Report 2016 Preface. 2016.

[3]. J. Abawajy, “User preference of cyber security awareness delivery methods,” Behav. Inf. Technol., 2014.

[4]. T. K. Priyambodo and D. Suprihanto, “Information security on eGovernment as information-centric networks.,” Intl. J. Comput. Eng. Res. Trends, vol. 3, no. 35, p. 365, 2016.

[5]. N. Badie and A. H. Lashkari, “A new Evaluation Criteria for Effective Security Awareness in Computer Risk Management based on AHP,” J . Basic . Appl . Sci . Res, vol. 2, no. 9, pp. 9331–9347, 2012.

[6]. E. Metalidou, C. Marinagi, P. Trivellas, N. Eberhagen, C. Skourlas, and G. Giannakopoulos, “The Human Factor of Information Security: Unintentional Damage Perspective,” Procedia - Soc. Behav. Sci., vol. 147, pp. 424–428, 2014.

[7]. M. Pattinson, M. Butavicius, K. Parsons, A. McCormac, and D. Calic, “Factors that Influence Information Security Behavior: An Australian Web-Based Study,” in Human Aspects of Information Security, Privacy, and Trust, 2015, pp. 231–241.

[8]. E. Albrechtsen, “A qualitative study of users’ view on information security,” Comput. Secur., vol. 26, no. 4, pp. 276–289, Jun. 2007.

[9]. ISACA, “IT Standards , Guidelines , and Tools and Techniques for Audit and Assurance and Control Professionals,” Professional Ethics. 2010.

[10]. R. Von Solms, J. V. N. & security, and undefined 2013, “From information security to cyber security,” Elsevier.

[11]. W. Ben, L. Judith, and W. S. Glen, “This document is downloaded from DR-NTU , Nanyang Technological,” 2014.

[12]. D. L. Goodhue and D. W. Straub, “Security concerns of system users: A study of perceptions of the adequacy of security,” Inf. Manag., vol. 20, no. 1, pp. 13–27, Jan. 1991.[13] R. Anderson et al., “Measuring the cost of cybercrime Motivation A framework for analyzing the costs of cybercrime Fitting the estimates into the framework,” 2012.

[13]. P. T. E. M. (IEEM), 2011 IEEE, and undefined 2011, “Work motivation and job performance of frontline employees: the mediating role of organizational commitment,” ieeexplore.ieee.org.

[14]. N. A. G. Arachchilage and S. Love, “Security awareness of computer users: A phishing threat avoidance perspective,” Comput. Human Behav., vol. 38, pp. 304–312, 2014.

[15]. E. Kritzinger, “Cyber Security for home users: A New Way of Protection through Awareness Enforcement,” pp. 1–15.

[16]. N. S. Safa, M. Sookhak, R. Von Solms, S. Furnell, N. A. Ghani, and T. Herawan, “Information security conscious care behaviour formation in organizations,” Comput. Secur., vol. 53, pp. 65–78, 2015.

[17]. M. La Polla, F. Martinelli, and D. Sgandurra, “A survey on security for mobile devices,” IEEE Commun. Surv. Tutorials, vol. 15, no. 1, pp. 446–471, 2013.

[18]. G. L. Kovacich and E. P. Halibozek, The manager’s handbook for corporate security : establishing and managing a successful assets protection program. Butterworth-Heinemann, 2003.

[19]. A. Mylonas, A. Kastania, and D. Gritzalis, “Delegate the smartphone user? Security awareness in smartphone platforms,” Comput. Secur., vol. 34, pp. 47–66, 2013.

[20]. S. Allam, S. V. Flowerday, and E. Flowerday, “Smartphone information security awareness: A victim of operational pressures,” Comput. Secur., vol. 42, no. March 2018, pp. 55–65, 2014.

[21]. N. A. G. Arachchilage and S. Love, “A game design framework for avoiding phishing attacks,” Comput. Human Behav., 2013.

[22]. F. H. Alqahtani, “Developing an Information Security Policy: A Case Study Approach,” Procedia Comput. Sci., vol. 124, pp. 691–697, 2017.

[23]. T. K. Priyambodo and Y. Prayudi, “Information security strategy on mobile device based egovernment,” ARPN J. Eng. Appl. Sci., vol. 10, no. 2, pp. 652–660, 2015.

[24]. P. Kearney, Security : the Human Factor. IT Governance Pub, 2010.

[25]. K. Thomson and J. Van Niekerk, “Combating information security apathy by encouraging prosocial organisational behaviour,” Inf. Manag. Comput. Secur., vol. 20, no. 1, pp. 39–46, 2012.

[26]. P. Kearney, Security: The human factor. 2010.

[27]. P. Trivellas, “Work motivation and job performance of frontline employees: The mediating role of organizational commitment,” in 2011 IEEE International Conference on Industrial Engineering and Engineering Management, 2011, pp. 1878–1882.

[28]. Beyer, M., Ahmed, S., Doerlemann, K., Arnell, S., Parkin, S, and Sasse, AM, “Awareness is only the first step,” A framework for progressive engagement of staff in cybersecurity, techreport, Hewlett Packard Enterprise.,(2015).